offensive-iot

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). The content is an explicit offensive IoT playbook containing step‑by‑step techniques for gaining shells, bypassing secure boot, extracting keys/credentials, writing implants to flash, intercepting OTA/app traffic, and pivoting — all patterns that enable backdoors, persistent remote code execution, credential theft, data exfiltration, and supply‑chain compromise.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill's workflow explicitly instructs fetching and analyzing open/public third-party content — e.g., the "OTA Capture" step ("mitmproxy ... Capture the URL, download directly, dissect"), cloud/API and companion-app analysis sections (grep for api/vendor, mosquitto_sub against target.broker), which require ingesting untrusted external firmware, web endpoints, and broker messages that can materially change subsequent actions.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The prompt contains explicit, actionable instructions that require root/sudo and direct manipulation of the host (e.g., "sudo create_ap", transparent mitmproxy setup, flashrom, /dev/mem and mtd writes), which push an agent to obtain elevated privileges and change the machine's state.